use of org.wso2.carbon.identity.core.model.ExpressionNode in project charon by wso2.
the class PatchOperationUtil method doPatchReplaceWithFiltersForLevelOne.
/*
* This method is to do patch replace for level one attributes with a filter present.
* @param oldResource
* @param attributeParts
* @param expressionNode
* @param operation
* @param schema
* @param decoder
* @return
* @throws BadRequestException
* @throws CharonException
* @throws JSONException
* @throws InternalErrorException
*/
private static AbstractSCIMObject doPatchReplaceWithFiltersForLevelOne(AbstractSCIMObject oldResource, String[] attributeParts, ExpressionNode expressionNode, PatchOperation operation, SCIMResourceTypeSchema schema, JSONDecoder decoder) throws BadRequestException, CharonException, JSONException, InternalErrorException {
Attribute attribute = oldResource.getAttribute(attributeParts[0]);
boolean isValueFound = false;
if (attribute != null) {
if (!attribute.getType().equals(SCIMDefinitions.DataType.COMPLEX)) {
// this is multivalued primitive case
if (attribute.getMultiValued()) {
List<Object> valuesList = ((MultiValuedAttribute) (attribute)).getAttributePrimitiveValues();
for (Iterator<Object> iterator = valuesList.iterator(); iterator.hasNext(); ) {
Object item = iterator.next();
// we only support "EQ" filter
if (item.equals(expressionNode.getValue())) {
if (attribute.getMutability().equals(SCIMDefinitions.Mutability.READ_ONLY) || attribute.getMutability().equals(SCIMDefinitions.Mutability.IMMUTABLE)) {
throw new BadRequestException("Can not remove a immutable attribute or a read-only attribute", ResponseCodeConstants.MUTABILITY);
} else {
iterator.remove();
isValueFound = true;
}
}
}
if (!isValueFound) {
throw new BadRequestException("No matching filter value found.", ResponseCodeConstants.NO_TARGET);
}
valuesList.add(operation.getValues());
} else {
throw new BadRequestException("Attribute : " + expressionNode.getAttributeValue() + " " + "is not a multivalued attribute.", ResponseCodeConstants.INVALID_PATH);
}
} else {
if (attribute.getMultiValued()) {
// this is for paths value as 'emails[value EQ vindula@wso2.com]'
// this is multivalued complex case
List<Attribute> subValues = ((MultiValuedAttribute) (attribute)).getAttributeValues();
if (subValues != null) {
for (Iterator<Attribute> subValueIterator = subValues.iterator(); subValueIterator.hasNext(); ) {
Attribute subValue = subValueIterator.next();
Map<String, Attribute> subValuesSubAttribute = ((ComplexAttribute) subValue).getSubAttributesList();
for (Iterator<Attribute> iterator = subValuesSubAttribute.values().iterator(); iterator.hasNext(); ) {
Attribute subAttribute = iterator.next();
if (subAttribute.getName().equals(expressionNode.getAttributeValue())) {
if (((SimpleAttribute) (subAttribute)).getValue().equals(expressionNode.getValue())) {
if (subValue.getMutability().equals(SCIMDefinitions.Mutability.READ_ONLY) || subValue.getMutability().equals(SCIMDefinitions.Mutability.IMMUTABLE)) {
throw new BadRequestException("Can not remove a immutable attribute or a read-only attribute", ResponseCodeConstants.MUTABILITY);
} else {
subValueIterator.remove();
isValueFound = true;
}
}
}
}
}
if (!isValueFound) {
throw new BadRequestException("No matching filter value found.", ResponseCodeConstants.NO_TARGET);
}
AttributeSchema attributeSchema = SchemaUtil.getAttributeSchema(attributeParts[0], schema);
subValues.add(decoder.buildComplexAttribute(attributeSchema, (JSONObject) operation.getValues()));
}
} else {
// this is complex attribute which has multi valued primitive sub attribute.
Attribute subAttribute = attribute.getSubAttribute(expressionNode.getAttributeValue());
if (subAttribute != null) {
if (subAttribute.getMultiValued()) {
List<Object> valuesList = ((MultiValuedAttribute) (subAttribute)).getAttributePrimitiveValues();
for (Iterator<Object> iterator = valuesList.iterator(); iterator.hasNext(); ) {
Object item = iterator.next();
// we only support "EQ" filter
if (item.equals(expressionNode.getValue())) {
if (subAttribute.getMutability().equals(SCIMDefinitions.Mutability.READ_ONLY) || subAttribute.getMutability().equals(SCIMDefinitions.Mutability.IMMUTABLE)) {
throw new BadRequestException("Can not remove a immutable attribute or a read-only attribute", ResponseCodeConstants.MUTABILITY);
} else {
iterator.remove();
isValueFound = true;
}
}
}
if (!isValueFound) {
throw new BadRequestException("No matching filter value found.", ResponseCodeConstants.NO_TARGET);
}
valuesList.add(operation.getValues());
} else {
throw new BadRequestException("Sub attribute : " + expressionNode.getAttributeValue() + " " + "is not a multivalued attribute.", ResponseCodeConstants.INVALID_PATH);
}
} else {
AttributeSchema subAttributeSchema = SchemaUtil.getAttributeSchema(attributeParts[0] + "." + expressionNode.getAttributeValue(), schema);
if (subAttributeSchema.getMultiValued()) {
((ComplexAttribute) (attribute)).setSubAttribute(decoder.buildPrimitiveMultiValuedAttribute(subAttributeSchema, (JSONArray) operation.getValues()));
} else {
if (subAttributeSchema.getMultiValued()) {
((ComplexAttribute) (attribute)).setSubAttribute(decoder.buildSimpleAttribute(subAttributeSchema, operation.getValues()));
}
}
}
}
}
} else {
// add the attribute
AttributeSchema attributeSchema = SchemaUtil.getAttributeSchema(attributeParts[0], schema);
if (attributeSchema != null) {
if (attributeSchema.getType().equals(SCIMDefinitions.DataType.COMPLEX)) {
if (attributeSchema.getMultiValued()) {
MultiValuedAttribute multiValuedAttribute = new MultiValuedAttribute(attributeSchema.getName());
DefaultAttributeFactory.createAttribute(attributeSchema, multiValuedAttribute);
String complexName = attributeSchema.getName() + "_" + SCIMConstants.DEFAULT + "_" + SCIMConstants.DEFAULT;
ComplexAttribute complexAttribute = new ComplexAttribute(complexName);
DefaultAttributeFactory.createAttribute(attributeSchema, complexAttribute);
AttributeSchema subValuesSubAttributeSchema = SchemaUtil.getAttributeSchema(attributeParts[0] + "." + expressionNode.getAttributeValue(), schema);
if (subValuesSubAttributeSchema != null) {
SimpleAttribute simpleAttribute = new SimpleAttribute(subValuesSubAttributeSchema.getName(), operation.getValues());
DefaultAttributeFactory.createAttribute(subValuesSubAttributeSchema, simpleAttribute);
complexAttribute.setSubAttribute(simpleAttribute);
multiValuedAttribute.setAttributeValue(complexAttribute);
oldResource.setAttribute(multiValuedAttribute);
} else {
throw new BadRequestException("No such attribute with name : " + attributeParts[0] + "." + expressionNode.getAttributeValue(), ResponseCodeConstants.INVALID_PATH);
}
} else {
throw new BadRequestException("Attribute : " + attributeParts[0] + " " + "is not a multivalued attribute.", ResponseCodeConstants.INVALID_PATH);
}
} else {
if (attributeSchema.getMultiValued()) {
// primitive case
MultiValuedAttribute multiValuedAttribute = new MultiValuedAttribute(attributeSchema.getName());
DefaultAttributeFactory.createAttribute(attributeSchema, multiValuedAttribute);
multiValuedAttribute.setAttributePrimitiveValue(operation.getValues());
oldResource.setAttribute(multiValuedAttribute);
} else {
throw new BadRequestException("Attribute : " + attributeParts[0] + " " + "is not a multivalued attribute.", ResponseCodeConstants.INVALID_PATH);
}
}
} else {
throw new BadRequestException("No such attribute with the name : " + attributeParts[0], ResponseCodeConstants.INVALID_PATH);
}
}
return oldResource;
}
use of org.wso2.carbon.identity.core.model.ExpressionNode in project charon by wso2.
the class PatchOperationUtil method doPatchRemoveWithFiltersForLevelOne.
/*
*
* @param oldResource
* @param attributeParts
* @param expressionNode
* @return
* @throws BadRequestException
* @throws CharonException
*/
private static AbstractSCIMObject doPatchRemoveWithFiltersForLevelOne(AbstractSCIMObject oldResource, String[] attributeParts, ExpressionNode expressionNode) throws BadRequestException, CharonException {
Attribute attribute = oldResource.getAttribute(attributeParts[0]);
if (attribute != null) {
if (!attribute.getType().equals(SCIMDefinitions.DataType.COMPLEX)) {
if (attribute.getMultiValued()) {
List<Object> valuesList = ((MultiValuedAttribute) (attribute)).getAttributePrimitiveValues();
for (Iterator<Object> iterator = valuesList.iterator(); iterator.hasNext(); ) {
Object item = iterator.next();
// we only support "EQ" filter
if (item.equals(expressionNode.getValue())) {
if (attribute.getMutability().equals(SCIMDefinitions.Mutability.READ_ONLY) || attribute.getRequired().equals(true)) {
throw new BadRequestException("Can not remove a required attribute or a read-only attribute", ResponseCodeConstants.MUTABILITY);
} else {
iterator.remove();
}
}
}
// if the attribute has no values, make it unassigned
if (((MultiValuedAttribute) (attribute)).getAttributePrimitiveValues().size() == 0) {
oldResource.deleteAttribute(attribute.getName());
}
} else {
throw new BadRequestException("Attribute : " + expressionNode.getAttributeValue() + " " + "is not a multivalued attribute.", ResponseCodeConstants.INVALID_PATH);
}
} else {
if (attribute.getMultiValued()) {
// this is for paths value as 'emails[value EQ vindula@wso2.com]'
// this is multivalued complex case
List<Attribute> subValues = ((MultiValuedAttribute) (attribute)).getAttributeValues();
if (subValues != null) {
for (Iterator<Attribute> subValueIterator = subValues.iterator(); subValueIterator.hasNext(); ) {
Attribute subValue = subValueIterator.next();
Map<String, Attribute> subValuesSubAttribute = ((ComplexAttribute) subValue).getSubAttributesList();
for (Iterator<Attribute> iterator = subValuesSubAttribute.values().iterator(); iterator.hasNext(); ) {
Attribute subAttribute = iterator.next();
if (subAttribute.getName().equals(expressionNode.getAttributeValue())) {
if (((SimpleAttribute) (subAttribute)).getValue().equals(expressionNode.getValue())) {
if (subValue.getMutability().equals(SCIMDefinitions.Mutability.READ_ONLY) || subValue.getRequired().equals(true)) {
throw new BadRequestException("Can not remove a required attribute or a read-only attribute", ResponseCodeConstants.MUTABILITY);
} else {
subValueIterator.remove();
}
}
}
}
}
// if the attribute has no values, make it unassigned
if (((MultiValuedAttribute) (attribute)).getAttributeValues().size() == 0) {
oldResource.deleteAttribute(attribute.getName());
}
}
} else {
// this is complex attribute which has multi valued primitive sub attribute.
Attribute subAttribute = attribute.getSubAttribute(expressionNode.getAttributeValue());
if (subAttribute != null) {
if (subAttribute.getMultiValued() && !subAttribute.getType().equals(SCIMDefinitions.DataType.COMPLEX)) {
List<Object> valuesList = ((MultiValuedAttribute) (subAttribute)).getAttributePrimitiveValues();
for (Iterator<Object> iterator = valuesList.iterator(); iterator.hasNext(); ) {
Object item = iterator.next();
// we only support "EQ" filter
if (item.equals(expressionNode.getValue())) {
if (subAttribute.getMutability().equals(SCIMDefinitions.Mutability.READ_ONLY) || subAttribute.getRequired().equals(true)) {
throw new BadRequestException("Can not remove a required attribute or a read-only attribute", ResponseCodeConstants.MUTABILITY);
} else {
iterator.remove();
}
}
}
// if the subAttribute has no values, make it unassigned
if (((MultiValuedAttribute) (subAttribute)).getAttributePrimitiveValues().size() == 0) {
((ComplexAttribute) (attribute)).removeSubAttribute(subAttribute.getName());
}
} else {
throw new BadRequestException("Sub attribute : " + expressionNode.getAttributeValue() + " " + "is not a primitive multivalued attribute.", ResponseCodeConstants.INVALID_PATH);
}
} else {
throw new BadRequestException("No sub attribute with the name : " + expressionNode.getAttributeValue() + " " + "in the attribute : " + attributeParts[0], ResponseCodeConstants.INVALID_PATH);
}
}
}
} else {
throw new BadRequestException("No such attribute with the name : " + attributeParts[0] + " " + "in the current resource", ResponseCodeConstants.INVALID_PATH);
}
return oldResource;
}
use of org.wso2.carbon.identity.core.model.ExpressionNode in project charon by wso2.
the class FilterTreeManager method validateAndBuildFilterExpression.
/*
* Validate the simple filter and build a ExpressionNode
*
* @param filterString
* @param expressionNode
* @throws BadRequestException
*/
private void validateAndBuildFilterExpression(String filterString, ExpressionNode expressionNode) throws BadRequestException {
// verify filter string. validation should be case insensitive
if (!(Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.EQ), Pattern.CASE_INSENSITIVE).matcher(filterString).find() || Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.NE), Pattern.CASE_INSENSITIVE).matcher(filterString).find() || Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.CO), Pattern.CASE_INSENSITIVE).matcher(filterString).find() || Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.SW), Pattern.CASE_INSENSITIVE).matcher(filterString).find() || Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.EW), Pattern.CASE_INSENSITIVE).matcher(filterString).find() || Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.PR), Pattern.CASE_INSENSITIVE).matcher(filterString).find() || Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.GT), Pattern.CASE_INSENSITIVE).matcher(filterString).find() || Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.GE), Pattern.CASE_INSENSITIVE).matcher(filterString).find() || Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.LT), Pattern.CASE_INSENSITIVE).matcher(filterString).find() || Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.LE), Pattern.CASE_INSENSITIVE).matcher(filterString).find())) {
String message = "Given filter operator is not supported.";
throw new BadRequestException(message, ResponseCodeConstants.INVALID_FILTER);
}
String trimmedFilter = filterString.trim();
String[] filterParts = null;
if (Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.EQ), Pattern.CASE_INSENSITIVE).matcher(filterString).find()) {
filterParts = trimmedFilter.split(" eq | EQ | eQ | Eq ");
setExpressionNodeValues(filterParts[0], SCIMConstants.OperationalConstants.EQ, filterParts[1], expressionNode);
} else if (Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.NE), Pattern.CASE_INSENSITIVE).matcher(filterString).find()) {
filterParts = trimmedFilter.split(" ne | NE | nE | Ne ");
setExpressionNodeValues(filterParts[0], SCIMConstants.OperationalConstants.NE, filterParts[1], expressionNode);
} else if (Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.CO), Pattern.CASE_INSENSITIVE).matcher(filterString).find()) {
filterParts = trimmedFilter.split(" co | CO | cO | Co ");
setExpressionNodeValues(filterParts[0], SCIMConstants.OperationalConstants.CO, filterParts[1], expressionNode);
} else if (Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.SW), Pattern.CASE_INSENSITIVE).matcher(filterString).find()) {
filterParts = trimmedFilter.split(" sw | SW | sW | Sw ");
setExpressionNodeValues(filterParts[0], SCIMConstants.OperationalConstants.SW, filterParts[1], expressionNode);
} else if (Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.EW), Pattern.CASE_INSENSITIVE).matcher(filterString).find()) {
filterParts = trimmedFilter.split(" ew | EW | eW | Ew ");
setExpressionNodeValues(filterParts[0], SCIMConstants.OperationalConstants.EW, filterParts[1], expressionNode);
} else if (Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.PR), Pattern.CASE_INSENSITIVE).matcher(filterString).find()) {
// with filter PR, there should not be whitespace after.
filterParts = trimmedFilter.split(" pr| PR| pR| Pr");
setExpressionNodeValues(filterParts[0], SCIMConstants.OperationalConstants.PR, null, expressionNode);
} else if (Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.GT), Pattern.CASE_INSENSITIVE).matcher(filterString).find()) {
filterParts = trimmedFilter.split(" gt | GT | gT | Gt ");
setExpressionNodeValues(filterParts[0], SCIMConstants.OperationalConstants.GT, filterParts[1], expressionNode);
} else if (Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.GE), Pattern.CASE_INSENSITIVE).matcher(filterString).find()) {
filterParts = trimmedFilter.split(" ge | GE | gE | Ge ");
setExpressionNodeValues(filterParts[0], SCIMConstants.OperationalConstants.GE, filterParts[1], expressionNode);
} else if (Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.LT), Pattern.CASE_INSENSITIVE).matcher(filterString).find()) {
filterParts = trimmedFilter.split(" lt | LT | lT | Lt ");
setExpressionNodeValues(filterParts[0], SCIMConstants.OperationalConstants.LT, filterParts[1], expressionNode);
} else if (Pattern.compile(Pattern.quote(SCIMConstants.OperationalConstants.LE), Pattern.CASE_INSENSITIVE).matcher(filterString).find()) {
filterParts = trimmedFilter.split(" le | LE | lE | Le ");
setExpressionNodeValues(filterParts[0], SCIMConstants.OperationalConstants.LE, filterParts[1], expressionNode);
} else {
throw new BadRequestException(ResponseCodeConstants.INVALID_FILTER);
}
}
use of org.wso2.carbon.identity.core.model.ExpressionNode in project charon by wso2.
the class PatchOperationUtil method doPatchRemoveWithFiltersForLevelThree.
/*
*
* @param oldResource
* @param attributeParts
* @param expressionNode
* @return
* @throws BadRequestException
* @throws CharonException
*/
private static AbstractSCIMObject doPatchRemoveWithFiltersForLevelThree(AbstractSCIMObject oldResource, String[] attributeParts, ExpressionNode expressionNode) throws BadRequestException, CharonException, NotImplementedException {
Attribute attribute = oldResource.getAttribute(attributeParts[0]);
if (attribute != null) {
Attribute subAttribute = attribute.getSubAttribute(attributeParts[1]);
if (subAttribute != null) {
if (subAttribute.getMultiValued()) {
List<Attribute> subValues = ((MultiValuedAttribute) subAttribute).getAttributeValues();
if (subValues != null) {
for (Attribute subValue : subValues) {
Map<String, Attribute> subSubAttributes = ((ComplexAttribute) subValue).getSubAttributesList();
// this map is to avoid concurrent modification exception.
Map<String, Attribute> tempSubSubAttributes = (Map<String, Attribute>) CopyUtil.deepCopy(subSubAttributes);
for (Iterator<Attribute> iterator = tempSubSubAttributes.values().iterator(); iterator.hasNext(); ) {
Attribute subSubAttribute = iterator.next();
if (subSubAttribute.getName().equals(expressionNode.getAttributeValue())) {
Attribute removingAttribute = subSubAttributes.get(attributeParts[2]);
if (removingAttribute == null) {
throw new BadRequestException("No such sub attribute with the name : " + attributeParts[2] + " " + "within the attribute " + attributeParts[1], ResponseCodeConstants.INVALID_PATH);
}
if (removingAttribute.getMutability().equals(SCIMDefinitions.Mutability.READ_ONLY) || removingAttribute.getRequired().equals(true)) {
throw new BadRequestException("Can not remove a required attribute or a read-only attribute", ResponseCodeConstants.MUTABILITY);
} else {
((ComplexAttribute) subValue).removeSubAttribute(removingAttribute.getName());
}
}
}
}
if (subValues.size() == 0) {
// if the attribute has no values, make it unassigned
((ComplexAttribute) attribute).removeSubAttribute(subAttribute.getName());
}
}
} else {
// This is only valid for extensions.
Attribute subSubAttribute = subAttribute.getSubAttribute(attributeParts[2]);
if (subSubAttribute == null) {
String error = String.format("No such sub attribute with the name : %s within the attribute %s", attributeParts[2], attributeParts[1]);
throw new BadRequestException(error, ResponseCodeConstants.INVALID_PATH);
}
if (!subSubAttribute.getMultiValued()) {
String error = "Attribute : " + attributeParts[2] + " is not a multivalued attribute.";
throw new BadRequestException(error, ResponseCodeConstants.INVALID_PATH);
}
// We only support "EQ" filter.
if (!(SCIMConstants.OperationalConstants.VALUE).equals(expressionNode.getAttributeValue()) || !((SCIMConstants.OperationalConstants.EQ).trim()).equalsIgnoreCase(expressionNode.getOperation())) {
throw new NotImplementedException("Only Eq filter is supported based on implicit value attribute.");
}
List<Object> valuesList = ((MultiValuedAttribute) (subSubAttribute)).getAttributePrimitiveValues();
for (Iterator<Object> iterator = valuesList.iterator(); iterator.hasNext(); ) {
Object item = iterator.next();
if (item.equals(expressionNode.getValue())) {
if ((SCIMDefinitions.Mutability.READ_ONLY).equals(subSubAttribute.getMutability()) || subSubAttribute.getRequired().equals(true)) {
throw new BadRequestException("Can not remove a required attribute or a read-only attribute", ResponseCodeConstants.MUTABILITY);
}
iterator.remove();
}
}
// If the attribute has no values, make it unassigned.
if (((MultiValuedAttribute) (subSubAttribute)).getAttributePrimitiveValues().size() == 0) {
((ComplexAttribute) subAttribute).removeSubAttribute(subSubAttribute.getName());
}
}
} else {
throw new BadRequestException("No such sub attribute with the name : " + attributeParts[1] + " " + "within the attribute " + attributeParts[0], ResponseCodeConstants.INVALID_PATH);
}
} else {
throw new BadRequestException("No such attribute with the name : " + attributeParts[0] + " " + "in the current resource", ResponseCodeConstants.INVALID_PATH);
}
return oldResource;
}
use of org.wso2.carbon.identity.core.model.ExpressionNode in project carbon-identity-framework by wso2.
the class IdentityProviderManager method getIdPs.
/**
* Get all identity provider's Basic information along with additionally requested information depending on the
* requiredAttributes.
*
* @param limit Limit per page.
* @param offset Offset value.
* @param filter Filter value for IdP search.
* @param sortOrder Order of IdP ASC/DESC.
* @param sortBy The column value need to sort.
* @param tenantDomain TenantDomain of the user.
* @param requiredAttributes Required attributes which needs to be return.
* @return Identity Provider's Basic Information array along with requested attribute
* information{@link IdpSearchResult}.
* @throws IdentityProviderManagementException Server/client related error when getting list of Identity Providers.
*/
@Override
public IdpSearchResult getIdPs(Integer limit, Integer offset, String filter, String sortOrder, String sortBy, String tenantDomain, List<String> requiredAttributes) throws IdentityProviderManagementException {
IdpSearchResult result = new IdpSearchResult();
List<ExpressionNode> expressionNodes = getExpressionNodes(filter);
setParameters(limit, offset, sortOrder, sortBy, filter, result);
int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
result.setTotalIDPCount(dao.getTotalIdPCount(tenantId, expressionNodes));
result.setIdpList(dao.getPaginatedIdPsSearch(tenantId, expressionNodes, result.getLimit(), result.getOffSet(), result.getSortOrder(), result.getSortBy(), requiredAttributes));
return result;
}
Aggregations